Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/oGoT-nIq7OXjBbwoIPdOn5vkeVo.roa
File: oGoT-nIq7OXjBbwoIPdOn5vkeVo.roa (raw, json)
Hash identifier: tPLssJzVnI56PhZvneIX8kTFPnwYMe7KOSOlUf1ISTY=
Subject key identifier: A0:6A:13:FA:72:2A:EC:E5:E3:05:BC:28:20:F7:4E:9F:9B:E4:79:5A
Certificate issuer: /CN=cb1383473e8aa8727068fc752e060e3dbf63e0ef
Certificate serial: 01898C53267370CC4FCD388DCDF44213BDB8
Authority key identifier: CB:13:83:47:3E:8A:A8:72:70:68:FC:75:2E:06:0E:3D:BF:63:E0:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yxODRz6KqHJwaPx1LgYOPb9j4O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/oGoT-nIq7OXjBbwoIPdOn5vkeVo.roa
Signing time: Tue 25 Jul 2023 09:13:26 +0000
ROA not before: Tue 25 Jul 2023 09:13:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33915
IP address blocks: 194.34.199.0/24 maxlen: 24
194.35.73.0/24 maxlen: 24
194.35.75.0/24 maxlen: 24
194.104.99.0/24 maxlen: 24
194.35.11.0/24 maxlen: 24
2a00:7940::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:53:26:73:70:cc:4f:cd:38:8d:cd:f4:42:13:bd:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb1383473e8aa8727068fc752e060e3dbf63e0ef
Validity
Not Before: Jul 25 09:13:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a06a13fa722aece5e305bc2820f74e9f9be4795a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:5a:fe:0f:b2:87:95:ee:0e:71:1d:be:4b:67:
c3:c6:6a:62:c0:f0:3f:8b:f7:01:95:5c:15:fc:36:
f0:5f:1b:c2:95:09:e5:96:6d:4a:c6:64:44:7c:87:
5e:1f:e2:87:7c:eb:6e:55:03:25:7e:7a:6c:9f:fa:
49:47:24:db:b7:d0:3c:c7:58:43:76:ba:f8:de:7f:
29:98:28:b3:35:1f:27:88:d2:86:7a:f5:70:b6:01:
27:6c:66:ff:e0:f2:7a:aa:df:07:40:d3:44:56:99:
61:7b:f0:81:16:25:5e:2c:a5:26:72:63:52:e9:95:
5d:d8:28:ce:3d:a0:6c:41:4d:9f:21:b9:9b:30:d5:
4a:67:fc:e1:6c:dd:8b:a0:2f:fc:05:02:0a:af:35:
50:39:1c:95:3d:da:6d:75:a5:d7:33:1a:d8:2a:f6:
6f:24:58:ba:bf:41:aa:f4:c2:70:21:18:88:40:05:
0c:f4:e8:91:53:71:e0:40:cb:6e:58:68:1b:ab:db:
d0:4c:20:0c:fd:1c:ea:dd:91:57:52:9b:0a:0a:77:
d2:bc:e0:d4:1e:3d:42:19:2b:fb:5f:54:c3:a4:92:
c2:d2:32:10:ea:46:c9:6e:47:1a:1c:dd:2e:10:fa:
2a:9f:f4:33:46:c6:09:c7:c4:cf:ca:87:08:a4:59:
3f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:6A:13:FA:72:2A:EC:E5:E3:05:BC:28:20:F7:4E:9F:9B:E4:79:5A
X509v3 Authority Key Identifier:
keyid:CB:13:83:47:3E:8A:A8:72:70:68:FC:75:2E:06:0E:3D:BF:63:E0:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxODRz6KqHJwaPx1LgYOPb9j4O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/oGoT-nIq7OXjBbwoIPdOn5vkeVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/yxODRz6KqHJwaPx1LgYOPb9j4O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.199.0/24
194.35.11.0/24
194.35.73.0/24
194.35.75.0/24
194.104.99.0/24
IPv6:
2a00:7940::/32
Signature Algorithm: sha256WithRSAEncryption
af:d2:f6:bd:80:f6:09:3a:c0:2c:33:35:ee:3d:61:e3:b4:d2:
9c:bd:f7:f7:fc:22:32:73:61:da:a5:d3:30:6f:71:32:7b:6a:
f3:7b:75:84:4f:94:de:e9:18:ee:36:a4:9e:8d:0f:38:85:e9:
d3:a5:84:aa:cb:99:69:73:87:41:62:3a:fe:ab:f5:b6:d2:d2:
e6:4b:2a:5d:1a:e2:f3:03:32:99:74:ae:87:65:ee:b8:6b:27:
6f:b2:74:5c:5f:93:dc:16:92:7d:f8:a4:0c:8d:14:8c:48:9c:
be:33:65:13:6d:5d:df:34:a1:a5:bf:c0:6c:fc:8b:19:ca:7c:
bf:ab:b5:39:82:e3:7e:6d:de:ea:b6:94:7b:94:99:09:03:be:
9d:91:a4:7b:0c:a5:3f:22:26:0c:84:b3:89:4d:b6:e6:fb:7f:
fe:98:d3:a7:93:53:3a:71:56:c6:e6:d9:84:89:47:c2:9f:81:
31:26:b4:df:eb:94:4b:8a:fd:d2:df:21:a8:73:2c:b7:ac:d7:
03:37:2d:1f:f2:af:d8:e9:97:8c:03:ca:b5:9b:b3:78:c7:d0:
54:57:03:31:bc:94:58:15:39:ee:5b:10:33:65:a3:45:34:66:
56:8d:7d:2f:2e:d9:4c:26:ff:6d:83:e2:f5:73:b1:13:d8:b3:
e6:3f:f2:af
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYmMUyZzcMxPzTiNzfRCE724MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMTM4MzQ3M2U4YWE4NzI3MDY4ZmM3NTJlMDYwZTNkYmY2
M2UwZWYwHhcNMjMwNzI1MDkxMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDZhMTNmYTcyMmFlY2U1ZTMwNWJjMjgyMGY3NGU5ZjliZTQ3OTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglr+D7KHle4OcR2+S2fDxmpiwPA/
i/cBlVwV/DbwXxvClQnllm1KxmREfIdeH+KHfOtuVQMlfnpsn/pJRyTbt9A8x1hD
drr43n8pmCizNR8niNKGevVwtgEnbGb/4PJ6qt8HQNNEVplhe/CBFiVeLKUmcmNS
6ZVd2CjOPaBsQU2fIbmbMNVKZ/zhbN2LoC/8BQIKrzVQORyVPdptdaXXMxrYKvZv
JFi6v0Gq9MJwIRiIQAUM9OiRU3HgQMtuWGgbq9vQTCAM/Rzq3ZFXUpsKCnfSvODU
Hj1CGSv7X1TDpJLC0jIQ6kbJbkcaHN0uEPoqn/QzRsYJx8TPyocIpFk/LwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKBqE/pyKuzl4wW8KCD3Tp+b5HlaMB8GA1UdIwQY
MBaAFMsTg0c+iqhycGj8dS4GDj2/Y+DvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXhPRFJ6NktxSEp3YVB4MUxnWU9QYjlqNE84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jNjNjOTQtZTU2OS00MWI4LThlMmIt
ZDE4YjA5Y2YzYTFkLzEvb0dvVC1uSXE3T1hqQmJ3b0lQZE9uNXZrZVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jNjNjOTQtZTU2OS00MWI4LThlMmItZDE4YjA5Y2YzYTFk
LzEveXhPRFJ6NktxSEp3YVB4MUxnWU9QYjlqNE84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAwiLHAwQA
wiMLAwQAwiNJAwQAwiNLAwQAwmhjMA0EAgACMAcDBQAqAHlAMA0GCSqGSIb3DQEB
CwUAA4IBAQCv0va9gPYJOsAsMzXuPWHjtNKcvff3/CIyc2HapdMwb3Eye2rze3WE
T5Te6RjuNqSejQ84henTpYSqy5lpc4dBYjr+q/W20tLmSypdGuLzAzKZdK6HZe64
aydvsnRcX5PcFpJ9+KQMjRSMSJy+M2UTbV3fNKGlv8Bs/IsZyny/q7U5guN+bd7q
tpR7lJkJA76dkaR7DKU/IiYMhLOJTbbm+3/+mNOnk1M6cVbG5tmEiUfCn4ExJrTf
65RLiv3S3yGocyy3rNcDNy0f8q/Y6ZeMA8q1m7N4x9BUVwMxvJRYFTnuWxAzZaNF
NGZWjX0vLtlMJv9tg+L1c7ET2LPmP/Kv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:21 2024 by rpki-client on console-ams.rpki-client.org